Systems Security Engineer (SSE)Work at the forefront of cybersecurity research and development, delivering capabilities to protect national security. Our projects cover the spectrum of security technologies, hardware architectures, and operating systems; if it runs code, we're interested in its security. We see the impact we have on our nation's security each day. We ensure our engineers have the tools they need to excel and we recognize superb results.
We're seeking a Systems Security Engineer to ensure secure product integration into Department of Defense customer systems, managing security requirements, risk assessments, and authorization processes. You'll maintain security artifacts including Attack Trees, Key Management Plans (KMP), and other documentation, mapping to different requirements frameworks that customers leverage within their systems. Additionally, you'll help establish secure development best practices for our product teams based on customer requirements and industry standards.
Security Clearance:Qualified applicants may be subject to a security investigation and must meet minimum qualifications for access to classified information. U.S. Citizenship is required. Qualified applicants must meet the requirements to obtain and maintain a Secret government security clearance (active clearance preferred).
Required Skills Include:- Experience as a Systems Security Engineer on DoD platforms
- Application and integration of security tools and concepts to DoD systems
- Deep knowledge of DoD cybersecurity requirements, frameworks, and processes (RMF, Anti-Tamper, Cyber Survivability, Zero Trust, etc.)
- Experience with security artifact development (Attack Trees, Key Management Plans, System Security Plans, etc.)
- Strong technical writing and documentation skills
- Ability to map security requirements across different frameworks
- Experience interfacing with government security personnel and accreditation authorities
- Understanding of cryptographic implementations and key management
The product team works with a large array of technologies, tools, and concepts, so other valuable skills and experience include:
- Direct experience developing Risk Management Framework (RMF) packages and Authorization to Operate (ATO) documentation for DoD platforms
- Knowledge of secure development practices and secure coding standards
- TPM and Secure Boot technologies
- Familiarity with OS internals (Linux and/or Windows)
- Understanding of virtualization security
- Security testing methodologies (penetration testing, vulnerability assessment)
- Experience with security requirements for embedded systems or kernel/driver software
- Knowledge of security assessment tools (static/dynamic analysis, fuzzing)
- Experience establishing secure development lifecycle processes
- Understanding of vulnerability management and CVE tracking
- Our ideal candidate is someone who can navigate complex DoD security requirements, communicate effectively with both technical and non-technical stakeholders, and establish practical security practices that protect our products and customers.
Our Interviews:Our interviews will assess your experience with DoD security processes, your technical understanding of the systems we secure, and your ability to establish practical security practices. Be prepared to discuss your experience with RMF, ATOs, and security artifact development.
